Message ID | 20150311175502.30898.36762.stgit@nfdev.cica.es |
---|---|
State | Accepted |
Delegated to: | Pablo Neira |
Headers | show |
On Wed, Mar 11, 2015 at 06:55:03PM +0100, Arturo Borrero Gonzalez wrote: > Before this patch, rule deleting with -D produces segfault in rules > with no target. Applied, thanks. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/iptables/nft-bridge.c b/iptables/nft-bridge.c index e3ab667..084dd58 100644 --- a/iptables/nft-bridge.c +++ b/iptables/nft-bridge.c @@ -619,7 +619,7 @@ static bool nft_bridge_rule_find(struct nft_family_ops *ops, struct nft_rule *r, return false; } - if (strcmp(cs->jumpto, this.jumpto) != 0) { + if (cs->jumpto != NULL && strcmp(cs->jumpto, this.jumpto) != 0) { DEBUGP("Different verdict\n"); return false; }
Before this patch, rule deleting with -D produces segfault in rules with no target. Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> --- iptables/nft-bridge.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html